formance

SUSPICIOUS. The skill’s actions match its stated purpose, and the CLI install path is an official npm package rather than an opaque binary. However, the core integration is not direct Formance access: authentication, connections, and action execution are mediated by Membrane, so Formance data and auth context flow through a third-party broker. That mismatch raises medium security risk even without clear malicious behavior.